Sharing is caring!

Whenever a new game creates mass hysteria, a door of great opportunity stands wide open for hackers who develop clones with malicious content and infiltrate them n the Google Play Store. It was predictable that Pokémon Go will be the next targeted game and Android users who don’t know much about it, but want to download it from the official store, can be tricked to install a malicious variant of this game and some of them already made the mistake to download Pokemon Go Ultimate which, according to ESET, was the first “lockscreen” app that got onto Google Play.

Google has immediately pulled Pokemon Go Ultimate from its Google Play store. After it was installed, this application appeared as “PI Network” and it froze devices, making them unresponsive and the only way to make their phones functional again, users had to remove the battery. And when they rebooted their devices, they couldn’t find the PI Network app, thinking that they’ve got rid of it, but in reality, the application kept on running in the background and it generated fake ad clicks. However, the application can still be uninstalled and it can be done by going to the device’s application manager.

ESET has warned that there are more malicious applications related to Pokemon, being called “Install Pokemongo” and “Guide & Cheats for Pokemon Go.” They promise to generate free in-app items such as Pokecoins, Lucky Eggs or Pokeballs, but they’re just bait-and-switches, and their only purpose is to “attempt to mislead the user into subscribing to expensive bogus services.”

There are also applications promising to offer tips and tricks for ‘side-loading’ the game, but ESET hasn’t checked all of them, to make sure that they’re not hiding any malware. We’re pretty sure that Google’s employees will be required to be more careful what applications they’re accepting on the Google Play store, so that no other malicious fakes will sneak in.